CVE-2011-0738: Input Validation
First published: Wed Feb 02 2011(Updated: )
MyProxy 5.0 through 5.2, as used in Globus Toolkit 5.0.0 through 5.0.2, does not properly verify the (1) hostname or (2) identity in the X.509 certificate for the myproxy-server, which allows remote attackers to spoof the server and conduct man-in-the-middle (MITM) attacks via a crafted certificate when executing (a) myproxy-logon or (b) myproxy-get-delegation.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NCSA MyProxy | =5.0 | |
| NCSA MyProxy | =5.1 | |
| NCSA MyProxy | =5.2 | |
| Globus Toolkit | =5.0.0 | |
| Globus Toolkit | =5.0.1 | |
| Globus Toolkit | =5.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053461.html
- http://grid.ncsa.illinois.edu/myproxy/security/myproxy-adv-2011-01.txt
- http://osvdb.org/70494
- http://secunia.com/advisories/42972
- http://secunia.com/advisories/43103
- http://www.securityfocus.com/bid/45916
- http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053473.html
- http://lists.globus.org/pipermail/security-announce/2011-January/000018.html
- http://www.vupen.com/english/advisories/2011/0227
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64830
Frequently Asked Questions
What is the severity of CVE-2011-0738?
CVE-2011-0738 is considered a medium severity vulnerability due to its potential for man-in-the-middle attacks.
How do I fix CVE-2011-0738?
To fix CVE-2011-0738, it is recommended to upgrade to a version of MyProxy newer than 5.2 or Globus Toolkit newer than 5.0.2.
What software is affected by CVE-2011-0738?
CVE-2011-0738 affects MyProxy versions 5.0 to 5.2 and Globus Toolkit versions 5.0.0 to 5.0.2.
What type of attacks can CVE-2011-0738 enable?
CVE-2011-0738 can enable remote attackers to spoof the myproxy-server and conduct man-in-the-middle (MITM) attacks.
What components are improperly verified in CVE-2011-0738?
CVE-2011-0738 involves improper verification of both the hostname and the identity in the X.509 certificate for the myproxy-server.
- collector/nvd-historical
- agent/references
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/remedy
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ncsa
- canonical/ncsa myproxy
- version/ncsa myproxy/5.0
- version/ncsa myproxy/5.1
- version/ncsa myproxy/5.2
- vendor/globus
- canonical/globus toolkit
- version/globus toolkit/5.0.0
- version/globus toolkit/5.0.1
- version/globus toolkit/5.0.2